[Cryptography] Speculation considered harmful?
Jerry Leichter
leichter at lrw.com
Wed Jan 10 06:35:23 EST 2018
> In-process mitigation uses the same ideas with the compiler generating the extra branches....
https://webkit.org/blog/8048/what-spectre-and-meltdown-mean-for-webkit/ has a nice description of some of the hackery needed to mitigate Spectre. My reaction to it is: Very clever; looks like it should work against the published attack; isn't this yet another example of "Oh, *this* time we plugged all the holes?".
BTW, note this down at the end:
Recommendations For App Developers
Spectre means that secrets in the same address space as untrusted JavaScript are
more vulnerable than ever before. Based on this, we recommend:
• Switch to the Modern WebKit API if you have not done so already. This
protects your app by running untrusted JavaScript in another process.
Yup. Let the hardware/OS help. Of course that doesn't guarantee *they* get it right, but relying on in-process, same-mode trickery has failed repeatedly, and will fail again.
-- Jerry
More information about the cryptography
mailing list